package cn.bonoon.handler.impl;

import java.util.regex.Pattern;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.encoding.PasswordEncoder;

import cn.bonoon.core.ILoginEditor;
import cn.bonoon.kernel.exceptions.PasswordVerifierException;
import cn.bonoon.kernel.support.PasswordVerifier;
import cn.bonoon.kernel.support.entities.EntityLoginable;
import cn.bonoon.kernel.util.MD5Util;
import cn.bonoon.kernel.util.StringHelper;

public class PasswordVerifierImpl implements PasswordVerifier{
	private final PasswordEncoder passwordEncoder;
	
	@Autowired
	public PasswordVerifierImpl(PasswordEncoder passwordEncoder){
		this.passwordEncoder = passwordEncoder;
	}
	
	@Override
	public void setPassword(EntityLoginable entity, String pwd, String repwd)throws PasswordVerifierException {
//		if(null == entity) throw new PasswordVerifierException("找不到该用户！");
		entity.setLoginPwd(_verify(pwd, repwd));
	}
	
	@Override
	public void setLoginName(EntityLoginable entity, String loginName) throws PasswordVerifierException {
//		if (null == entity)
//			throw new PasswordVerifierException("找不到该用户！");
		entity.setLoginName(_verify(loginName));
	}
	
	@Override
	public void set(EntityLoginable entity, ILoginEditor editor) throws PasswordVerifierException {
//		if(null == entity) throw new PasswordVerifierException("找不到该用户！");
		entity.setLoginPwd(_verify(editor.getLoginPwd(), editor.getConfimPwd()));
		entity.setLoginName(_verify(editor.getLoginName()));
	}

	@Override
	public String randomPassword(EntityLoginable entity)throws PasswordVerifierException {
//		if(null == entity) throw new PasswordVerifierException("找不到该用户！");
		String pwd = MD5Util.randomMD5String().substring(2, 10);
		entity.setLoginPwd(passwordEncoder.encodePassword(pwd, null));
		return pwd;
	}

	@Override
	public void resetPassword(EntityLoginable entity, 
			String oldPwd, String newPwd, String repwd)throws PasswordVerifierException {
//		if(null == entity) throw new PasswordVerifierException("找不到该用户！");
		if (StringHelper.isEmpty(oldPwd))
			throw new PasswordVerifierException("请输入旧密码！");
		if (StringHelper.isEmpty(newPwd))
			throw new PasswordVerifierException("请输入新密码！");
		if(newPwd.equals(oldPwd))
			throw new PasswordVerifierException("不允许新密码与旧密码设置成一样，请重新输入！");
		if(!passwordEncoder.isPasswordValid(entity.getLoginPwd(), oldPwd, null))
			throw new PasswordVerifierException("旧密码不正确，请重新输入旧密码！");
		
		entity.setLoginPwd(verify(newPwd, repwd));
	}
	//private final Pattern pattern = Pattern.compile("^[a-zA-Z0-9~!@#$%^&*-]{6,20}$");
	@Value("${user.password.pattern}")
	private String pattern;
	@Value("${user.password.pattern.exception}")
	private String patternException;
	@Override
	public String verify(String pwd, String repwd)throws PasswordVerifierException {
		return _verify(pwd, repwd);
	}
	
	private String _verify(String pwd, String repwd)throws PasswordVerifierException{
		//不允许出现非法字符
		if(StringHelper.isEmpty(pwd))
			throw new PasswordVerifierException("请输入密码！");
		if (!pwd.equals(repwd))
			throw new PasswordVerifierException("密码验证码不正确！");
		if(!Pattern.compile(this.pattern).matcher(pwd).matches())
			throw new PasswordVerifierException(patternException);
		return passwordEncoder.encodePassword(pwd, null);
	}
	
	@Override
	public String encodePassword(String pwd) throws PasswordVerifierException {
		if(!Pattern.compile(this.pattern).matcher(pwd).matches())
			throw new PasswordVerifierException(patternException);
		return passwordEncoder.encodePassword(pwd, null);
	}
	
	@Value("${user.loginName.pattern}")
	private String loginNamePattern;
	@Value("${user.loginName.pattern.exception}")
	private String loginNamePatternException;
	
	@Override
	public String verify(String loginName) throws PasswordVerifierException {
		return _verify(loginName);
	}
	
	private String _verify(String loginName)throws PasswordVerifierException{
		if (StringHelper.isEmpty(loginName))
			throw new PasswordVerifierException("请输入登录名！");
		if (!Pattern.compile(this.loginNamePattern).matcher(loginName).matches())
			throw new PasswordVerifierException(loginNamePatternException);
		return loginName;
	}
}
